How GitHub provides code owners?

How GitHub provides code owners? This is an article prepared for the PSY 204, Computer and Society course in Abdullah Gül Univesity in Kayseri, Turkey. Instructor is Ayşenur BENEVENTO.

Introduction:

Most of the developers uses some version-control systems since of such reasons to provide codes’ stability, to follow all changes, storing codes and backing them up, working with a team or collaborators. There are many software and services used for this purpose, which is one of the GitHub. GitHub is a service that provides to serve projects distributed with “git” version-control system. GitHub is basically a web service makes easier to follow changes in your software project and working together. In long run GitHub service was evolved into a common sharing space for developers, a platform to find workers for companies, as a platform for educational support for students. Also it has a significant role to introduce the term open collaboration and open source. In this article, it will be reviewed that GitHub’s terms of service and how it provides open-collaborators.

Information About The Service:

Git version-control system is created by Linus Torvalds in 2005[1]. It is designed for tracking changes in Linux kernel source code despite to fact that git was evolved to a complex integratable toolkit during its development. Although git version-control system has a web frontend structure[2], that have been developed many applications and web-services that provides git version-control system that most popular services can be listed as Sourceforge, Gitlab and GitHub. GitHub was founded in February 8, 2008; located in San Francisco[3]. As reported by GitHub[3], as of August 2019, it has 40 million users and 100 million code repository that making it the largest host of source code in the world [4]. The GitHub company acquired by Microsoft [5] for $7.5 billion[6]. GitHub has $2 billion market value in 2018 [7] and it has significant big market share on software configuration management[8]. GitHub is second biggest software configuration management system with 37,069 install bases and its market share about 21.43%[8]. GitHub has a public API to improve GitHub for your requirements though it also contains some tools named “GitHub Apps”[10] and it have many collaborations with many 3rd party services named “OAuth Apps”[9]. It proves some open source tool that have proven their presence in the world of open source software such as Docker, Kubernetes, Jenkins and also closed source services such as “Slack”. Therefore, these features, its flexibility and security issue made it one of the most widely used services and one of the software configuration management with largest market volume. GitHub has such a complex structure and flexibility, as well as an understandable and strict privacy policy. It had one main privacy policy but it has a broad privacy policy that includes dozens of sub-regulations. In this article, personal and corporate usage policies will be examined, these two usage policies will be compared, finally, compliance with personal data and regulations on the protection of sensitive data will be investigated these policies and privacy policy.

Terms of Service:

GitHub terms of service include a broad service regulation policy, as mentioned earlier. The link to the service policy is at the bottom of the page on the GitHub. It can be found on all page, especially frequently used pages like search navigator page, users profile page. Terms of Service page and its policy is totally consisted of more than 6000 words and 2 headers “Summary” that provides detailed information about the subsections contained in the conditions of use and “GitHub Terms of Service” divided to 18 section. The sections can be listed as “A. Definitions” includes some basic terms, “B. Account Terms” states the basic requirements of having an Account, “C. Acceptable Use” includes basic account rules, “D. User-Generated Content” states rules about the personal contents uploaded by users, “E. Private Repositories” states rules content posted in private repositories. “F. Copyright & DMCA Policy” includes the responsibility of GitHub to provide licensing of any content. “G. Intellectual Property Notice” describes GitHub’s rights in the website and service, “H. API Terms” states API rules for using the API for development or data collection, “I. Additional Product Terms” states specific rules for GitHub’s features and products “J. Beta Previews” includes policy whether you use beta features, “K. Payment” includes the security of payments and billing rules, “L. Cancellation and Termination” states rules whenever you delete your account or content, “M. Communications with GitHub” includes Github communication policy, “N. Disclaimer of Warranties” states that GitHub provide its own service as is, and they make no promises or guarantees about this service, “O. Limitation of Liability” states that GitHub will not be liable for damages or losses arising from users’ use or inability to use the service or otherwise arising under this agreement, “P. Release and Indemnification” states that users are fully responsible for their own use of the service “Q. Changes to these Terms of Service” includes rules whether terms are updated, “R. Miscellaneous” states legal details including law choices of GitHub. In this article, the role of licenses specifically for repositories and codes in fork repositories in the protection of licenses will be examined. Arrangements relating to stated situation are included in paragraphs from 3 to 7 of Section “D. User-Generated Content” and Section “F. Copyright & DMCA Policy”.

The GitHub Terms of Service[9] states that: every user grantee preserve of ownership and responsibility of contents and the originality of the content. All rights related to the licensing of the content and the compatibility of the content with the license granted are left to the users’ will. The use of a legal process for the elimination of violations that may arise is at the discretion of the user. GitHub has a wide right to arise from responsibility for all arrangements to make the uploaded content compatible with the client and to distribute it voluntarily through the GitHub site. However, these rights do not entitle GitHub to sell or change your data, nor do they assume all authority to protect the privacy of personal data requested when opening GitHub account like credit card information. The contents that is loaded onto GitHub are stored in repositories. The repositories are divided into two “public” and “private” according to choise of distribution. “Private” repositories and data in the repositories are firstly protected by GitHub and distributed to specific collaborators at the user’s request. GitHub accepts no responsibility for any violation arising out of the exclusive distribution by the user. “Public” repositories can be opened opened by accepting the monitoring and forking of the repository by others. In case of violations among GitHub users, firstly GitHub may be requested to correction, however, GitHub cannot be held responsible for this violation in case of a judicial review. In the event that any user forks and edits a repository under the license notice, that user must be distributed under the same license terms. However, where appropriate conditions are provided, the license agreement or the content owner permits, the license may be exchanged. In addition to service terms, GitHub has another policy to deal with license violations named Digital Millennium Copyright Act Policy. DMCA[10] policy is the most important regulation to ensure that GitHub creates a safe harbor for many projects and advocates for the justice. DMCA has two procedures; notification of copyright holders for unauthorized reproduction of software, and counter-notification procedures for the person sharing the content. In the event of such a complaint, firstly content owner and copyrights are investigated. GitHub requests a takedown notice at this stage. If the eligibility of the requested documents and confirmation of content violation are met, the distributor is admonished. GitHub gives a period of 24 hours to remove violated content. if the infringement on the content is not corrected or it is determined that the entire content is shared without permission, the content is suspended by GitHub. If the violation is resolved by the distributor, the takedown request is reclaimed to be withdrawn by the copyright owner. All of these stages are open to judgment. If the copyright owner does not notify GitHub within 10–14 days, GitHub will reactivate the disabled content by sending a copy of a valid legal complaint filed in a competent court. The forks are a bit simpler. In case of removing the main repositories, their fork repositories will not be removed. Of the rights violations to be made on fork repositories, if the violation has been made to the parent repositories’ owner, the parent repositories owner shall proceed with the same procedure as the above steps. GitHub is not obliged to detect such violations but to take steps to be followed after the takedown requests of such violations. All these steps will be notified to both parties on the changes and updates on each step in order to avoid any inconvenience. As a result, since its release, these regulations have been sufficient to protect content owners on GitHub.


Resources

“A Short History of Git”. Pro Git (2nd ed.). Apress. 2014. Archived from the original on 11 July 2019. Retrieved 26 December 2019.

  1. “4.7 Git on the Server - GitWeb”. Pro Git (2nd ed.). Apress. 2014. Archived from the original on 11 July 2019. Retrieved 26 December 2019.
  2. “Github About Page” Archived from the original on 26 December 2019. Retrieved 26 December 2019. 4.Gousios, Georgios; Vasilescu, Bogdan; Serebrenik, Alexander; Zaidman, Andy. “Lean GHTorrent: GitHub Data on Demand” (PDF). The Netherlands: Delft University of Technology & †Eindhoven University of Technology: 1. Retrieved July 9, 2014. During recent years, GITHUB (2008) has become the largest code host in the world.
  3. “Confirmation of Microsoft acquisition of GitHub”. Github Blog. Archived from the original on 19 December 2019. Retrieved 26 December 2019.
  4. “Microsoft has acquired GitHub for $7.5B in stock”. TechCrunch. Retrieved June 4, 2018.
  5. “How this 33-year-old college dropout co-founded GitHub, which just sold to Microsoft for $7.5 billion” CNBC. Archived from original on 9 July 2019. Retrieved 26 December 2019.
  6. “Software Configuration Management products” enlyft. . Retrieved 26 December 2019.
  7. “Github Terms of Service”, Github, Retrieved 05 Devember 2019.
  8. “DMCA Policy”, Github, Retrieved 05 Devember 2019.